Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/d5A95se0niiHTSXwkjVDGoVqdSs.roa
File: d5A95se0niiHTSXwkjVDGoVqdSs.roa (raw, json)
Hash identifier: RauyaohCOTtybNE0iX3jgDh3FwvgdeyI3U3jehDC6PA=
Subject key identifier: 77:90:3D:E6:C7:B4:9E:28:87:4D:25:F0:92:35:43:1A:85:6A:75:2B
Certificate issuer: /CN=623f344fd4a91bfad138308d527155bbce52af6e
Certificate serial: 0185706737C3862AC3FD48548EF277B48BFB
Authority key identifier: 62:3F:34:4F:D4:A9:1B:FA:D1:38:30:8D:52:71:55:BB:CE:52:AF:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yj80T9SpG_rRODCNUnFVu85Sr24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/d5A95se0niiHTSXwkjVDGoVqdSs.roa
Signing time: Mon 02 Jan 2023 02:54:50 +0000
ROA not before: Mon 02 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8819
IP address blocks: 83.142.192.0/21 maxlen: 21
91.189.24.0/21 maxlen: 21
46.227.104.0/21 maxlen: 21
185.188.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:37:c3:86:2a:c3:fd:48:54:8e:f2:77:b4:8b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623f344fd4a91bfad138308d527155bbce52af6e
Validity
Not Before: Jan 2 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77903de6c7b49e28874d25f09235431a856a752b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e1:67:0e:16:ab:48:52:ae:74:07:0c:43:7c:
39:76:79:57:86:1b:72:72:c5:c7:90:c7:23:43:44:
d0:c0:c4:e8:bb:17:b2:a4:96:bd:88:99:1d:0c:01:
05:b5:5a:44:30:31:35:c0:60:69:6c:43:63:0d:54:
fd:d3:37:9a:c0:43:36:b1:a0:57:90:10:f2:41:97:
19:71:84:f2:48:94:05:e1:b9:8e:36:e9:81:6a:df:
84:03:59:84:f7:93:b0:c4:04:66:e5:05:9d:d3:76:
fe:86:b5:38:5c:84:56:d0:08:48:c4:a8:d0:79:ad:
cd:cd:5a:7f:28:ec:73:d3:72:3a:4c:33:b8:0d:96:
8e:1a:51:2e:2a:93:b3:fc:ae:b8:2a:29:b5:c3:1e:
da:02:3c:bb:77:82:35:69:da:01:f6:27:11:d2:36:
81:a8:0b:46:5f:d9:0d:ad:a8:9b:93:6b:e3:c4:d9:
10:60:bf:31:72:d5:eb:a4:da:c2:99:a4:8c:19:07:
f2:8c:7b:69:d0:75:40:7c:0b:8f:67:03:4a:60:87:
f1:2f:ed:f9:5c:47:ba:d1:87:5f:3f:5e:b2:12:09:
7d:3d:5c:53:bf:4b:9b:af:07:f2:11:78:3c:f4:7d:
01:94:c3:6d:32:e8:ce:9c:12:5e:70:1b:fe:7d:dc:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:90:3D:E6:C7:B4:9E:28:87:4D:25:F0:92:35:43:1A:85:6A:75:2B
X509v3 Authority Key Identifier:
keyid:62:3F:34:4F:D4:A9:1B:FA:D1:38:30:8D:52:71:55:BB:CE:52:AF:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yj80T9SpG_rRODCNUnFVu85Sr24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/d5A95se0niiHTSXwkjVDGoVqdSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/Yj80T9SpG_rRODCNUnFVu85Sr24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.104.0/21
83.142.192.0/21
91.189.24.0/21
185.188.68.0/22
Signature Algorithm: sha256WithRSAEncryption
75:20:14:ff:4f:a2:94:4d:57:9d:6d:f8:bc:e0:cc:ed:8b:55:
f7:09:39:fa:c3:8b:a5:71:7d:da:5b:e2:05:b5:26:bb:23:14:
9e:de:3e:9b:ff:28:a1:50:ad:65:da:5b:d4:5b:48:04:6c:18:
2f:57:60:c2:ac:d5:33:78:6a:ca:77:7e:8d:0f:ac:05:83:e6:
64:26:c5:27:b4:20:62:78:94:eb:f1:07:cd:c4:73:77:3c:76:
d4:4a:ea:dc:01:3a:db:b9:a2:58:03:a2:b3:f6:3e:26:54:7f:
ca:9e:70:4b:88:0f:ed:f8:47:09:7b:bc:b7:31:c2:ad:93:82:
b0:9c:33:f5:54:6b:46:65:ac:fd:6a:c6:72:31:c5:00:4f:11:
e8:b7:3f:e7:2c:4e:43:e9:4d:1e:c9:86:3c:cc:c0:54:cf:98:
94:f7:25:fa:53:14:48:85:07:74:69:f5:bc:1d:f5:6c:2b:7b:
c1:2b:ae:8f:7f:08:3f:f3:c5:ae:be:2e:9a:e2:da:1f:e2:65:
70:51:60:19:27:8b:a5:58:6f:04:e0:61:51:38:42:07:70:da:
01:c0:c1:72:22:28:4d:30:6f:76:4c:e2:af:aa:a1:b7:45:f8:
f3:43:7a:7b:18:e7:3e:b0:3d:0f:bf:57:2b:4b:c1:e1:a2:90:
c1:9a:cb:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwZzfDhirD/UhUjvJ3tIv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyM2YzNDRmZDRhOTFiZmFkMTM4MzA4ZDUyNzE1NWJiY2U1
MmFmNmUwHhcNMjMwMTAyMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzkwM2RlNmM3YjQ5ZTI4ODc0ZDI1ZjA5MjM1NDMxYTg1NmE3NTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOFnDharSFKudAcMQ3w5dnlXhhty
csXHkMcjQ0TQwMTouxeypJa9iJkdDAEFtVpEMDE1wGBpbENjDVT90zeawEM2saBX
kBDyQZcZcYTySJQF4bmONumBat+EA1mE95OwxARm5QWd03b+hrU4XIRW0AhIxKjQ
ea3NzVp/KOxz03I6TDO4DZaOGlEuKpOz/K64Kim1wx7aAjy7d4I1adoB9icR0jaB
qAtGX9kNraibk2vjxNkQYL8xctXrpNrCmaSMGQfyjHtp0HVAfAuPZwNKYIfxL+35
XEe60YdfP16yEgl9PVxTv0ubrwfyEXg89H0BlMNtMujOnBJecBv+fdxt9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHeQPebHtJ4oh00l8JI1QxqFanUrMB8GA1UdIwQY
MBaAFGI/NE/UqRv60TgwjVJxVbvOUq9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWo4MFQ5U3BHX3JST0RDTlVuRlZ1ODVTcjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xMDVkYTAtMGM3ZC00MTVkLThkMDAt
YTM0ZTg2NzlmMzc0LzEvZDVBOTVzZTBuaWlIVFNYd2tqVkRHb1ZxZFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xMDVkYTAtMGM3ZC00MTVkLThkMDAtYTM0ZTg2NzlmMzc0
LzEvWWo4MFQ5U3BHX3JST0RDTlVuRlZ1ODVTcjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNoAwQD
U47AAwQDW70YAwQCubxEMA0GCSqGSIb3DQEBCwUAA4IBAQB1IBT/T6KUTVedbfi8
4Mzti1X3CTn6w4ulcX3aW+IFtSa7IxSe3j6b/yihUK1l2lvUW0gEbBgvV2DCrNUz
eGrKd36ND6wFg+ZkJsUntCBieJTr8QfNxHN3PHbUSurcATrbuaJYA6Kz9j4mVH/K
nnBLiA/t+EcJe7y3McKtk4KwnDP1VGtGZaz9asZyMcUATxHotz/nLE5D6U0eyYY8
zMBUz5iU9yX6UxRIhQd0afW8HfVsK3vBK66Pfwg/88Wuvi6a4tof4mVwUWAZJ4ul
WG8E4GFROEIHcNoBwMFyIihNMG92TOKvqqG3RfjzQ3p7GOc+sD0Pv1crS8HhopDB
mstd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:16 2025 by rpki-client